Setup Docker to support 4TB filesystem (default is 100GB limit). Note we create sparse file; unsure if this is required but remembering that OpenStack will be looking at available disk space before scheduling host. Note that this destroys any Docker images / running containers. That’s why we do it now, before we’ve run anything.

There are terrible things discussed about the default devicemapper driver with Docker. Many suggest to use overlayfs. Too bad it doesn’t work with XFS file systems on CentOS 7…and that XFS is the file system used by default when creating new partitions during Anaconda install. So…if you want to use overlayfs, follow these steps. I have not.

Nova Compute Integration

Stop Docker so we can continue with Nova Compute:

systemctl stop docker

Add Nova Compute user to dockerroot group for Docker unixsocket access. Note that this is deprecated by the Atomic Project article above, but that OpenStack Nova Compute does actually need to run Docker 🙂

usermod -a -G dockerroot nova

Install driver on Nova Compute, then restart Docker. Note these instructions are specific to OpenStack Kilo and will certainly change for other releases:

Glance Integration

Nova Scheduler Integration

On your Nova Controller (running openstack-nova-scheduler), run the following steps. These modify the Nova Scheduler to place Docker instances only on Docker-enabled Nova Compute hosts. The steps also assume you have sourced in the appropriate OpenStack credentials file:

Assuming you are using default KVM (also displayed as QEMU although – as you well know – they are not the same thing), modify all existing flavors to have a new attribute indicating they are KVM:

Modify Nova Scheduler via /etc/nova/nova.conf to use the AggregateInstanceExtraSpecsFilter so that the virt_type property we set above will be used to filter out hosts that have incompatible hypervisors:

Now boot an instance from the image. I won’t show the nova boot commands because it uses lots of ID values; just use Horizon for this. When you are done, you can see the instance (I’ve named it dockertest and I used a project named sab-sadmin-dev. This also demonstrates a funny OpenStack one-liner: